| ▲ | bitexploder 3 hours ago |
| Low tech: I put my secret manager password in a physical journal that is locked in a fire proof, water proof vault and hidden somewhere only my partner and myself know where it is. I use a password manager. Everything else goes in the password manager. |
|
| ▲ | repiret 2 hours ago | parent | next [-] |
| This is what I do too, but be warned about “fire proof” - a fire that results in the total loss of your house will create enough heat for enough time that fireproof gun safes and smaller fireproof lockboxes will be destroyed, or even if not, their contents will get hot enough to combust anyway. A bank safe deposit box offers a different security profile that’s probably more robust against fire because banks burn less often than houses. It’s probably not practical to really be robust against fire without being buried several feet deep. |
| |
| ▲ | Eduard an hour ago | parent | next [-] | | https://en.wikipedia.org/wiki/2025_Gelsenkirchen_heist In December 2025, items worth an estimated €30 million were stolen from a Sparkasse bank in the Gelsenkirchen suburb of Buer, Germany. The thieves used a large drill to break into the bank's underground vault and proceeded to crack over 3,000 safe deposit boxes. | | |
| ▲ | nerdsniper an hour ago | parent [-] | | Don’t need events that extreme. Regular branch banks have stuff go missing from the safety deposit boxes shockingly regularly. The locks aren’t particularly secure and various people are able to access them. It can be hard to find articles about them because they don’t make the news like the more remarkable incidents do. Examples of boring security box failures (but that were noteworthy in other ways so they did make the news): Jennifer Morsch, Roberta Glassman, Lianna Sarabekyan (multiple customers affected), Philip Poniz, Wells Fargo in Cape Coral FL, Wells Fargo Katy TX (many customers affected, blamed on road construction down the street), lots of individual stories where banks just totally stopped following their own procedures on ID checking and logging. The vast majority of these don’t make the news because there’s no proof there was even anything inside the box in the first place so anyone could be lying. > Mr. Pluard, who tracks legal filings and news reports, estimates that around 33,000 boxes a year are harmed by accidents, natural disasters and thefts. > Oddly, the bank returned to him five watches that weren’t his. “They were the wrong color, the wrong size — totally different than what I had,” Mr. Poniz said. “I had no idea where they came from.” https://archive.is/j8e6x |
| |
| ▲ | ses1984 2 hours ago | parent | prev | next [-] | | Another solution is to engrave your secret on something that’s stable up to household fire temperatures. | | |
| ▲ | 0cf8612b2e1e an hour ago | parent [-] | | A real innovation from the Bitcoin world! There are several physical password store systems that they have suggested for this kind of use case. The simplest is basically using a nail to punch out a password onto a piece of sheet metal. | | |
| ▲ | echoangle an hour ago | parent [-] | | Just make sure that the metal you use has a high enough melting point. | | |
|
| |
| ▲ | eljojo 2 hours ago | parent | prev | next [-] | | do you store stuff in a bank? could you tell me more about it? my account gives me access to one for free and been meaning to put a yubikey there for a while but never have | | | |
| ▲ | willmadden an hour ago | parent | prev [-] | | Floor safes do better than above-ground safes. |
|
|
| ▲ | maurycyz 2 hours ago | parent | prev | next [-] |
| This. A physical safe provides something that you can't do digitally: It's hard, but not impossible to get in without credentials. On the internet, it's either: Public for anyone in the whole world, or impossible to recover if anything goes wrong. |
| |
| ▲ | kylehotchkiss 2 hours ago | parent [-] | | I've broken into Physical Safes using nothing more than a drill with a half inch bit (I was young and didn't want to drag myself to harbor freight to sacrifice a more suitable tool). Enough boreholes and I had access. In hindsight, looking harder for the key would probably have been fruitful. | | |
| ▲ | 0cf8612b2e1e 2 hours ago | parent [-] | | Nothing says you cannot trivially encode the paper password. Those in the know understand that you need to append “BoomShakalaka”, replace “A” with “Q”, or some other super simple modification to what is recorded. Maybe the NSA would be willing to brute force the infinite variations from that starting seed, but it is still effectively locked for mortals. | | |
| ▲ | mathstuf an hour ago | parent [-] | | I've thought about making a "word search" and embedding the passphrase in it using a pattern (e.g., a subset of a Knight's tour, a space-filling curve overlay, or some other sampling algorithm). | | |
|
|
|
|
| ▲ | munk-a 2 hours ago | parent | prev | next [-] |
| Alternative - my partner and I (and also two other close contacts) have password managers that contain each of the other one's secret. This was less an effort to help with the memory loss scenario and more of an effort to deal with death and access to services (especially to cease subscriptions and the like). In a lower trust scenario you could probably use a lawyer as a broker of the secret (potentially even as part of a will). |
| |
| ▲ | rcxdude 2 hours ago | parent | next [-] | | Password managers like bitwarden also have emergency access features which can do this, with the caveat of trusting them to enforce the requirement of access only being granted after a notification to the account holder is not denied in some time period (but unlike the lawyer you're not trusting them with the secret directly) | | |
| ▲ | spockz an hour ago | parent | next [-] | | Apple has this thing called Legacy Contact which allows the same but then built in to the whole Apple account. This includes devices as well as the iCloud ~~and attached keychains. Granted, it is another hoop to jump through compared to presharing keys with each other.~~ It would be nice if your Apple account could be unlocked with some other keys as well apart from the primary one, but I guess that is what Apple calls the “Legacy Contact Key”. Edit: okay so the keychain is excluded from this. So back to storing each others passwords in eachothers keychain… | |
| ▲ | eljojo an hour ago | parent | prev [-] | | I didn't know about bit warden doing this until today! I definitely have to look closer into it, been using 1password for more than a decade and I keep being disappointed. I'd definitely like off-sourcing this to someone instead of building it myself |
| |
| ▲ | eljojo an hour ago | parent | prev [-] | | this is honestly a very pragmatic solution. the amount of life-long relationships i've seen vanish overnight has got me to reconsider my choices when it comes to single points of failure. I like the idea of the lawyer, unlike normal people, they like sticking to their promises. |
|
|
| ▲ | rcxdude 2 hours ago | parent | prev | next [-] |
| In general whatever kind of backup plan you have for when you die could also work in this scenario, you may just need to think harder about anything that you do not want have revealed when you die. |
|
| ▲ | eljojo 2 hours ago | parent | prev [-] |
| sometimes simpler is the best. I am always on the move so vaults don't jive well with me. my concern would be for something to still happen to it, too. I'm trying to go by the principle of not putting all my eggs on one basket. |
